John C Klensin wrote:

> Tony,
>
> Given the confusion about readings, I'd recommend modifying your
> changes to make them brutally clear. Suggestions below.
>
> --On Thursday, January 29, 2009 12:04 -0500 Tony Hansen
> <tony(_at_)att(_dot_)com> wrote:
>
> > If we were to write an Errata against RFC 3207, I'd suggest
> > text such as the following (in Errata format):
> >
> > Section:
> > 4.2 Result of the STARTTLS Command
> >
> > Old text:
> > The server MUST discard any knowledge obtained from the
> > client, such as the argument to the EHLO command, which was
> > not obtained from the TLS negotiation itself.
> >
> > New text:
> > The server MUST discard any knowledge obtained from the
> > client that was not obtained from the TLS negotiation
> > itself. The server state is otherwise as if the connection
> > had just been opened.
>
> s/opened/opened, i.e., before a session has been established by
> the client sending EHLO/

Sure.

> > Reason:
> > The example is misleading and has led some people to think
> > that knowledge of an EHLO having been sent previously
> > should be remembered.
> >
> > Section:
> > 4.2 Result of the STARTTLS Command
> >
> > Old text:
> > The client SHOULD send an EHLO command as the
> > first command after a successful TLS negotiation.
> >
> > New text:
> > The client MUST send either an EHLO command or a HELO
> > command as the first command after a successful TLS
> > negotiation.
>
> s/HELO command as/HELO command, or a command that does not
> require that a mail transaction be open, as/
>
> That can be done in several other ways, but I don't think you
> can or should prohibit VRFY, EXPN, HELP, etc., there.

Yes, I've missed that. +1 (Modulo dropping HELO)
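
The server-side state reset discussed in this thread, as a small Python model added here for illustration (it is not part of the original messages, RFC 3207, or any MTA). The class name, the result strings, the choice to reject MAIL before EHLO as out of sequence, and the assumption that the TLS handshake succeeds are all assumptions of the sketch.

```python
# Added illustration: minimal model of SMTP session state around STARTTLS.
# All names and result strings are hypothetical; no real TLS or networking.

# Commands that do not need an open session (per the VRFY/EXPN/HELP remark).
NO_SESSION_NEEDED = {"VRFY", "EXPN", "HELP", "NOOP", "RSET", "QUIT"}


class SmtpSession:
    def __init__(self):
        self.tls = False
        self._reset()

    def _reset(self):
        # State "as if the connection had just been opened": no EHLO
        # argument remembered, no session established, no envelope.
        self.client_name = None
        self.greeted = False
        self.mail_from = None

    def handle(self, line):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb in ("EHLO", "HELO"):
            self._reset()
            self.client_name, self.greeted = arg, True
            return "ok"
        if verb == "STARTTLS":
            if self.tls:
                return "bad-sequence"  # model choice: no TLS inside TLS
            self.tls = True            # handshake assumed to succeed
            self._reset()              # discard everything learned in cleartext
            return "ok"
        if verb == "MAIL":
            if not self.greeted:       # pre-TLS EHLO must not count here
                return "bad-sequence"
            self.mail_from = arg
            return "ok"
        if verb in NO_SESSION_NEEDED:
            return "ok"
        return "unknown"


def replay(lines):
    """Feed command lines to a fresh session; return (results, session)."""
    session = SmtpSession()
    return [session.handle(line) for line in lines], session
```
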